package cn.itcast.web.controller;


import cn.itcast.domain.compony.Company;
import cn.itcast.domain.system.Module;
import cn.itcast.domain.system.User;
import cn.itcast.service.company.CompanyService;
import cn.itcast.service.system.ModuleService;
import cn.itcast.service.system.UserService;
import cn.itcast.utils.Encrypt;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import java.util.List;

@Controller
public class LoginController extends BaseController{

    @Autowired
    UserService userService;

    @Autowired
    CompanyService companyService;

    @Autowired
    ModuleService moduleService;

	@RequestMapping("/login")
	public String login(String email,String password) {
        //1 判断邮箱或密码是否为空 若为空则跳转到登录页进行提示
        if (StringUtils.isBlank(email) || StringUtils.isBlank(password)) {
            request.setAttribute("error","用户名和密码不能为空");
            return "forward:/login.jsp";
        }

        try {

            //2.若可用,获取shiro中的subject
            Subject subject = SecurityUtils.getSubject();

            //3.将用户名和密码进行封装,封装token(令牌)
            UsernamePasswordToken token = new UsernamePasswordToken(email, password);

            //4.调用subject.login(token)方法实现登陆操作
            subject.login(token);

            //5.若执行什么的方法没有异常就证明查询到了用户且密码也对;若有异常就证明有问题
            //6.若成功了,获取主要的数据loginUser
            User loginUser  = (User) subject.getPrincipal();

            // 判断公司是否被禁用
            Company company = companyService.findById(loginUser.getCompanyId());
            if (loginUser.getDegree() != 0 && company.getState() != 1) {
                // 公司若被禁用
                request.setAttribute("error","请联系贵公司的管理员");
                return "forward:/login.jsp";
            }
            session.setAttribute("loginUser",loginUser);
            // 根据用户查询模块列表
            List<Module> modules = moduleService.findModulesByUser(loginUser);
            //将模块列表放入session中
            session.setAttribute("modules",modules);
        } catch (AuthenticationException e) {
            e.printStackTrace();
            request.setAttribute("error","用户名或密码错误");
            return "forward:/login.jsp";
        }

        return "home/main";
	}

    /**
     * 修改个人密码
     */
    @RequestMapping("/xiugai")
    public String xiugai(String yuan, String xin, String queren) {
        User user = getLoginUser();
        if (StringUtils.isEmpty(yuan) || StringUtils.isEmpty(xin) || StringUtils.isEmpty(queren)) {
            request.setAttribute("error", "密码不可以为空");
            return "forward:/xiugai.jsp";
        }
        if (!xin.equals(queren)) {
            request.setAttribute("error", "两次密码不一致");
            return "forward:/xiugai.jsp";
        }
        String password = Encrypt.md5(yuan,user.getEmail());
        if (!password.equals(user.getPassword())) {
            request.setAttribute("error", "原密码错误");
            return "forward:/xiugai.jsp";
        }
        user.setPassword(xin);
        userService.changePassword(user);
        SecurityUtils.getSubject().logout();
        request.setAttribute("error", "请重新登录");
        return "forward:/login.jsp";
    }

    @RequestMapping(value = "/login/chongZhi", name = "重置密码")
    public String chongZhi(String id, String birthday, String email) {
        //重置密码：重置的密码为生日 例如19900101
        String replace = birthday.replace("-", "");
        userService.updatePassWord(id, replace, email);
        return "redirect:/system/user/list.do";
    }

    @RequestMapping("/home")
    public String home() {
        return "home/home";
    }

    //退出
    /*@RequestMapping(value = "/logout",name="用户登出")
    public String logout(){
        //方式1:
        //session.invalidate();

        //方式2:
        SecurityUtils.getSubject().logout();
        return "forward:login.jsp";
    }*/


}
